Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DSOS-2123: add oem secretmanager secrets #3352

Merged
merged 35 commits into from
Sep 13, 2023
Merged

DSOS-2123: add oem secretmanager secrets #3352

merged 35 commits into from
Sep 13, 2023

Conversation

drobinson-moj
Copy link
Contributor

Store OEM passwords as SecretManager Secrets so they can be shared across accounts.
Add relevant policies and the placeholder secrets themselves.

@drobinson-moj drobinson-moj requested review from a team as code owners September 13, 2023 09:52
@github-actions github-actions bot added the environments-repository Used to exclude PRs from this repo in our Slack PR update label Sep 13, 2023
@drobinson-moj drobinson-moj temporarily deployed to hmpps-oem-test September 13, 2023 09:54 — with GitHub Actions Inactive
@drobinson-moj drobinson-moj temporarily deployed to hmpps-oem-development September 13, 2023 09:54 — with GitHub Actions Inactive
@drobinson-moj drobinson-moj temporarily deployed to nomis-development September 13, 2023 09:55 — with GitHub Actions Inactive
@github-actions
Copy link
Contributor

TFSEC Scan Success

Show Output 
*****************************

TFSEC will check the following folders:

Checkov Scan Success

Show Output 
*****************************

Checkov will check the following folders:

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:

@drobinson-moj drobinson-moj merged commit 7331534 into main Sep 13, 2023
25 checks passed
@drobinson-moj drobinson-moj deleted the DSOS-2123/add-oem-secretmanager-secrets branch September 13, 2023 12:53
vladimir-kovalyov pushed a commit that referenced this pull request Sep 14, 2023
@drobinson-moj @vladimir-kovalyov
DSOS-2123: add oem secretmanager secrets (#3352)
9af7cb1 
* add resources option to secretmanager policy

* add oem secrets and policy

* whitespace

* fix

* test

* fix

* rename secret

* add EC2 policy for updating secrets

* update baseline opts

* fix

* fix

* fix

* fix

* fix

* fix

* update secrets policy

* test

* fix

* fix

* test

* test

* test

* test

* test

* test

* test

* add EMREP secret

* add Get Secret and Parameter policies

* allow GetResourcePolicy

* allow GetResourcePolicy

* Remove ResourcePolicy permission

* add PutResourcePolicy

* test

* update policy

* update naming
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wullub wullub wullub approved these changes

Assignees
No one assigned
Labels
environments-repository Used to exclude PRs from this repo in our Slack PR update
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@drobinson-moj @wullub